lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <clo3nj5fokr47vheikv7nozr2exzha3rwkyfqq7n3s6vqyglzr@g6eu2ycy6gzo>
Date: Mon, 4 Nov 2024 16:26:31 +0000
From: Karan Sanghavi <karansanghvi98@...il.com>
To: Jonathan Cameron <jic23@...nel.org>
Cc: Lars-Peter Clausen <lars@...afoo.de>, linux-iio@...r.kernel.org, 
	linux-kernel@...r.kernel.org, Shuah Khan <skhan@...uxfoundation.org>, 
	Anup <anupnewsmail@...il.com>
Subject: Re: [PATCH] iio: invensense: fix integer overflow while
 multiplication

On Sun, Nov 03, 2024 at 11:18:27AM +0000, Jonathan Cameron wrote:
> On Sun, 03 Nov 2024 08:43:14 +0000
> Karan Sanghavi <karansanghvi98@...il.com> wrote:
> 
> Hi Karan,
> 
> > Typecast a variable to int64_t for 64-bit arithmetic multiplication
> 
> The path to actually triggering this is non obvious as these
> inputs are the result of rather complex code paths and per chip
> constraints.  Have you identified a particular combination that overflows
> or is this just based on the type?  I have no problem with applying this
> as hardening against future uses but unless we have a path to trigger
> it today it isn't a fix.
> 
> If you do have a path, this description should state what it is.
>

The above issue is discovered by Coverity with CID 1586045 and 1586044.
Link: https://scan7.scan.coverity.com/#/project-view/51946/11354?selectedIssue=1586045

Should I mention this path in the commit short message?

> > 
> > Signed-off-by: Karan Sanghavi <karansanghvi98@...il.com>
> If it's a real bug, needs a Fixes tag so we know how far to backport it.
> 

What kind of Fixes tag should I provide here. 

> > ---
> >  drivers/iio/common/inv_sensors/inv_sensors_timestamp.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> > 
> > diff --git a/drivers/iio/common/inv_sensors/inv_sensors_timestamp.c b/drivers/iio/common/inv_sensors/inv_sensors_timestamp.c
> > index f44458c380d9..d1d11d0b2458 100644
> > --- a/drivers/iio/common/inv_sensors/inv_sensors_timestamp.c
> > +++ b/drivers/iio/common/inv_sensors/inv_sensors_timestamp.c
> > @@ -105,8 +105,8 @@ static bool inv_update_chip_period(struct inv_sensors_timestamp *ts,
> >  
> >  static void inv_align_timestamp_it(struct inv_sensors_timestamp *ts)
> >  {
> > -	const int64_t period_min = ts->min_period * ts->mult;
> > -	const int64_t period_max = ts->max_period * ts->mult;
> > +	const int64_t period_min = (int64_t)ts->min_period * ts->mult;
> > +	const int64_t period_max = (int64_t)ts->max_period * ts->mult;
> >  	int64_t add_max, sub_max;
> >  	int64_t delta, jitter;
> >  	int64_t adjust;
> > 
> > ---
> > base-commit: 81983758430957d9a5cb3333fe324fd70cf63e7e
> > change-id: 20241102-coverity1586045integeroverflow-cbbf357475d9
> > 
> > Best regards,
>

Thank you,
Karan.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ